<?php
class nguoidungdb {
    public function Them($MaND, $TenND, $MatKhau, $Quyen){
        $sql = "INSERT INTO `nguoidung`(`MaND`, `TenND`, `MatKhau`, `Quyen`)"
                +"VALUES($MaND, $TenND, $MatKhau, $Quyen)";
        
        $data = new dataservice();
        return $data->ExecuteNoneQuery($sql);
    }
    
    public function CapNhatQuyen($MaND, $Quyen){
        $sql = "UPDATE `nguoidung` SET Quyen=$Quyen WHERE MaND=$MaND";
        
        $data = new dataservice();
        return $data->ExecuteNoneQuery($sql);
    }
    
    public function DoiMatKhau($MaND, $MatKhau, $MatKhauMoi){
        $data = new dataservice();
        
        $sql_mk = "SELECT MatKhau FROM `nguoidung`  WHERE MaND=$MaND";
        $mk = $data->ExecuteQuery($sql_mk);
        $sql = "UPDATE `nguoidung` SET MatKhau=$MatKhauMoi Where $MatKhau=$mk";
        
        return $data->ExecuteNoneQuery($sql);
    }
    
    public function ThongTinNguoiDug($MaND){
        $data = new dataservice();
        $sql = "SELECT TenND, MatKhau, Quyen"
                +"FROM `nguoidung` WHERE MaND=`$MaND`";
        
        return $data->ExecuteQuery($sql);
    }
    
    public function Xoa($MaND){
        $data =new dataservice();
        $sql = "DELETE FROM `nguoidung` Where MaND=$MaND";
        
        return $data->ExecuteNoneQuery($sql);
    }
    
}
?>
